# HG changeset patch # User Dan # Date 1201135002 18000 # Node ID b8fd21190ae162ead8fe0361109fd3ae8b8a3088 # Parent 62e1a6f3de84856443f508d86f43e2a280879fb3# Parent f725a16e4a2078f6be70a7b96f0471f0ddd9c702 Merging in a couple revisions from Nighthawk diff -r 62e1a6f3de84 -r b8fd21190ae1 includes/template.php --- a/includes/template.php Wed Jan 23 19:36:16 2008 -0500 +++ b/includes/template.php Wed Jan 23 19:36:42 2008 -0500 @@ -297,7 +297,7 @@ $tb .= $button->run(); } // Edit button - if($session->get_permissions('read') && ($paths->namespace != 'Special' && $paths->namespace != 'Admin') && ( $session->get_permissions('edit_page') && ( ( $paths->page_protected && $session->get_permissions('even_when_protected') ) || !$paths->page_protected ) ) ) + if($session->get_permissions('read') && ($paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->namespace != 'Anonymous') && ( $session->get_permissions('edit_page') && ( ( $paths->page_protected && $session->get_permissions('even_when_protected') ) || !$paths->page_protected ) ) ) { $button->assign_vars(array( 'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxEditor()); return false; }" title="Edit the contents of this page (alt-e)" accesskey="e"', diff -r 62e1a6f3de84 -r b8fd21190ae1 includes/wikiengine/Tables.php --- a/includes/wikiengine/Tables.php Wed Jan 23 19:36:16 2008 -0500 +++ b/includes/wikiengine/Tables.php Wed Jan 23 19:36:42 2008 -0500 @@ -280,11 +280,24 @@ // In Enano 1.0.3, added this cheapo hack to keep ampersands // from being double-sanitized. Thanks to markybob from #deluge. + + // htmlspecialchars() the "manual" way $encValue = strtr( $text, array( - '&' => '&' + '&' => '&', + '"' => '"', + '<' => '<', + '>' => '>', + ''' => "'" ) ); - $encValue = htmlspecialchars( $text ); + $encValue = strtr( $text, array( + '&' => '&', + '"' => '"', + '<' => '<', + '>' => '>', + "'" => ''' + ) ); + // Whitespace is normalized during attribute decoding, // so if we've been passed non-spaces we must encode them diff -r 62e1a6f3de84 -r b8fd21190ae1 install.php --- a/install.php Wed Jan 23 19:36:16 2008 -0500 +++ b/install.php Wed Jan 23 19:36:42 2008 -0500 @@ -495,20 +495,7 @@ $admin_user = str_replace('_', ' ', $admin_user); $admin_user = $db->escape($admin_user); - switch ( $_POST['db_driver'] ) - { - case 'mysql': - $schema_file = 'schema.sql'; - break; - case 'postgresql': - $schema_file = 'schema-pg.sql'; - break; - } - - if ( !isset($schema_file) ) - die('insanity'); - - $schema = file_get_contents($schema_file); + $schema = file_get_contents('schema.sql'); $schema = str_replace('{{SITE_NAME}}', $db->escape($_POST['sitename'] ), $schema); $schema = str_replace('{{SITE_DESC}}', $db->escape($_POST['sitedesc'] ), $schema); $schema = str_replace('{{COPYRIGHT}}', $db->escape($_POST['copyright'] ), $schema); @@ -1249,76 +1236,6 @@ Choose a database driver'; - echo '

The next step is to choose the database driver that Enano will use. In most cases this is MySQL, but there are certain - advantages to PostgreSQL, which is made available only experimentally.

'; - if ( @file_exists('/etc/enano-is-virt-appliance') ) - { - echo '

You\'re using the Enano virtual appliance.
Unless you configured the appliance manually, PostgreSQL support is not available. In 99% of cases you\'ll want to click MySQL below.

'; - } - - $mysql_disable_reason = ''; - $pgsql_disable_reason = ''; - $mysql_disable = ''; - $pgsql_disable = ''; - if ( !function_exists('mysql_connect') ) - { - $mysql_disable = ' disabled="disabled"'; - $mysql_disable_reason = 'You don\'t have the MySQL PHP extension installed.'; - } - if ( !function_exists('pg_connect') ) - { - $pgsql_disable = ' disabled="disabled"'; - $pgsql_disable_reason = 'You don\'t have the PostgreSQL PHP extensnion installed.'; - } - if ( function_exists('pg_connect') && version_compare(PHP_VERSION, '5.0.0', '<') ) - { - $pgsql_disable = ' disabled="disabled"'; - $pgsql_disable_reason = 'You need to have at least PHP 5 to use the PostgreSQL database driver.'; - } - - echo '

'; - ?> - - - - > - MySQL
- Click this button to use MySQL as the database backend for your site. Most web hosts support MySQL, and if you have - administrative access to your MySQL server, you can create a new database and user during this installation process if you - haven't done so already. -
$mysql_disable_reason"; - } - ?> - - - - - > - PostgreSQL
- Click this button to use PostgreSQL as the database backend for your site. While not as widely supported, PostgreSQL has more - liberal licensing conditions and when properly configured is faster than MySQL. Some plugins may not work with the PostgreSQL - driver. -
$pgsql_disable_reason"; - } - ?> - - -

- /> -

- '; - break; - case "database_mysql": ?> -

Now we need some information that will allow Enano to contact your database server. Enano uses PostgreSQL as a data storage backend, - and we need to have access to a PostgreSQL server in order to continue.

If you do not have access to a PostgreSQL server, and you are using your own server, you can download PostgreSQL for free from - PostgreSQL.org.

- - - - - - - - - - - - - - - -

Database information
Database hostname This is the hostname (or sometimes the IP address) of your Postgres server. In many cases, this is "localhost".
Database name The name of the actual database. If you don't already have a database, you can create one here, if you have the username and password of a PostgreSQL superuser.
Database login These fields should be the username and password for a role that has permission to create and alter tables, select data, insert data, update data, and delete data. You may or may not choose to allow dropping tables.

Optional information
Table prefix The value that you enter here will be added to the beginning of the name of each Enano table. You may use lowercase letters (a-z), numbers (0-9), and underscores (_).
Database administrative login If the Postgres database or role that you entered above does not exist yet, you can create them here, assuming that you have the login information for a PostgreSQL superuser. Leave these fields blank unless you need to use them.

PostgreSQL version	PostgreSQL version information will be checked when you click "Test Connection". You need to have at least PostgreSQL 8.2.0 to install Enano.
Delete existing tables? If this option is checked, all the tables that will be used by Enano will be dropped (deleted) before the schema is executed. Do NOT use this option unless specifically instructed to.	Drop existing tables

- - - - -

Before clicking continue:
• Check your PostgreSQL connection using the "Test Connection" button.
• Be aware that your database information will be transmitted unencrypted several times.

- restart the installation.'; @@ -2078,7 +1769,6 @@ !isset($_POST['db_name']) || !isset($_POST['db_user']) || !isset($_POST['db_pass']) || - !isset($_POST['db_driver']) || !isset($_POST['sitename']) || !isset($_POST['sitedesc']) || !isset($_POST['copyright']) || @@ -2092,12 +1782,6 @@ $template->footer(); exit; } - if ( !in_array($_POST['db_driver'], array('mysql', 'postgresql')) ) - { - echo 'Invalid database driver.'; - $template->footer(); - exit; - } switch($_POST['urlscheme']) { case "ugly": diff -r 62e1a6f3de84 -r b8fd21190ae1 plugins/SpecialGroups.php --- a/plugins/SpecialGroups.php Wed Jan 23 19:36:16 2008 -0500 +++ b/plugins/SpecialGroups.php Wed Jan 23 19:36:42 2008 -0500 @@ -502,7 +502,8 @@ echo '

Database information

Optional information